Cybersecurity Threats & You
There are so many cybersecurity threats out there in the world today, so we are covering 10 of the biggest threats so you can educate yourself to be aware of the warning signs of a cyber-attack.
Social Engineering
Social Engineering is the use of psychological manipulation to trick a user into making security mistakes or providing a cybercriminal with sensitive information.
Example of Social Engineering
Your company posted on LinkedIn that you just hired a new employee in your IT Department. A hacker sees this and emails your new employee using a fake email address from Human Resources. The email asks the employee to verify sensitive information to enter the company’s HR portal. And just like that, a hacker has broken in!
Ransomware
It’s in the name. Ransomware is a type of virus delivered that will not give back control of your device until the hacker’s stated ‘ransom’ has been paid. In all other ways, this virus behaves like a malware attack.
Malware
Malware is a type of virus that takes havoc on a user’s computer. Cybersecurity threats with malware are usually sent through email via a link or a downloadable file. Once you have clicked on the link or downloaded the file, the malware will activate.
Email/Spam
The most common way to send phishing scams is via email. Because of this, having a basic email phishing training course for your employees is a must. It’s been reported that 3 trillion phishing emails are sent every year, so one of them is bound to show up in your inbox.
Spear Phishing
Spear phishing, not to be confused with spearfishing, is considered a hyper-targeted phishing attack. Hacking pros will map out certain individuals or organizations to get the highest value on their efforts. Initial research is done before deploying this attack to make it seem more personal and believable.
Domain Spoofing
This is a popular cybersecurity threat that takes place over workplace email, hence a valuable thing to teach employees during phishing training. Domain spoofing will use fake email addresses that appear to be coming from your boss, co-worker, etc. Never click or download anything if you are suspicious of domain spoofing. The best thing you can do to stay safe is to verify the email sender through another form of communication.
Vishing (Voice Phishing)
We have all experienced spam calls at some time or another. Vishing is a phone call from a fake caller ID that attempts to trick recipients to give them sensitive information. The caller may be posing as your bank, car dealer, insurance carrier, etc. Proper phishing training can help point out the warning signs of what to look out for during one of these calls. As a golden rule, if there is a sense of urgency or the call seems random, it’s likely a vishing scam.
Smishing (SMS Phishing)
A smishing scam is sent through SMS texting. This text will normally contain a link the sender is asking you to click on. The link will generally go to a phishing website or ask you to grant them access to one of your accounts by logging into a portal.
Domain Spoofing
This is a popular cybersecurity threat that takes place over workplace email, hence a valuable thing to teach employees during phishing training. Domain spoofing will use fake email addresses that appear to be coming from your boss, co-worker, etc. Never click or download anything if you are suspicious of domain spoofing. The best thing you can do to stay safe is to verify the email sender through another form of communication.
Evil Twin Wi-Fi
Beware of the public Wi-Fi. Hackers can easily pose as a common network such as ‘Xfinity Wi-Fi’ and gain access to your information once you connect your device.
For more IT news, blogs, and industry insights throughout the week, follow us on Facebook, Twitter, LinkedIn, and Instagram.